You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Extracting restricted_to into a reference to an array of strings (so I can reuse it for multiple hosts) throws validation error although as a YAML it's valid.
I wanted to reuse the anchor with allowed_ip_ranges (see below) for multiple hosts.
Steps to Reproduce
Create policy with array of CIDRs in an anchor:
- !policy
id: our-vault
body:
- &allowed_ip_ranges
- 10.62.0.0/16
- 10.208.0.0/16
- 10.63.80.0/24
- !host
id: machine
restricted_to: *allowed_ip_ranges
- &secrets
- !variable
id: vault-password
- !permit
role: !host machine
privileges:
- read # the host can retrieve the names of the variables
- execute # the host can retrieve the values of the variables
resource: *secrets
Load the policy to conjur
Expected Results
Policy is parsed successfully and allowed_ip_ranges array values are used as restricted_to
Summary
Extracting
restricted_to
into a reference to an array of strings (so I can reuse it for multiple hosts) throws validation error although as a YAML it's valid.I wanted to reuse the anchor with
allowed_ip_ranges
(see below) for multiple hosts.Steps to Reproduce
Expected Results
Policy is parsed successfully and allowed_ip_ranges array values are used as restricted_to
Actual Results
Following error is returned:
Reproducible
Always
Version/Tag number
Additional Information
Seems that YAML anchors work just fine for
variable
andhost
arrays.The text was updated successfully, but these errors were encountered: